--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-00891047cf
2021-10-31 01:14:01.019149
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 34
Version : 34.22
Release : 1.fc34
URL :
https://github.com/fedora-selinux/selinux-policy
Summary : SELinux policy configuration
Description :
SELinux core policy package.
Originally based off of reference policy,
the policy has been adjusted to provide support for Fedora.
--------------------------------------------------------------------------------
Update Information:
New F34 selinux-policy build
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 18 2021 Zdenek Pytela <zpytela(a)redhat.com> - 34.22-1
- Add write permisson to userfaultfd_anon_inode_perms
- Allow unconfined_t transition to mozilla_plugin_t with NoNewPrivileges
- Add default file context for /run/gssproxy.default.sock
- Allow xdm_t watch fonts directories
- Allow xdm_t watch generic directories in /lib
- Allow xdm_t watch generic pid directories
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1974559 - SELinux policy prevents userfaultfds from being transferred using
SCM_RIGHTS
https://bugzilla.redhat.com/show_bug.cgi?id=1974559
[ 2 ] Bug #1997282 - SELinux is preventing sddm-greeter from 'watch' accesses on
the directory /run.
https://bugzilla.redhat.com/show_bug.cgi?id=1997282
[ 3 ] Bug #2007418 - SELinux is preventing Sandbox Forked from using the
'nnp_transition' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=2007418
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-00891047cf' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------